简单搭建DNS服务器——bind

安装bind

# yum install -y bind bind-utils bind-chroot

 

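修改配置文件

注意:下面把 listen-on 和 allow-query 都设为 any,任何能访问到本机 53 端口的主机都可以查询这台服务器;后文 dig 输出的 flags 中带有 ra,说明递归查询也是开启的。如果服务器可能被不可信网络访问,应把 allow-query、allow-recursion 限制为内网网段(例如 192.168.50.0/24),并用防火墙限制 53 端口的来源地址。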

# grep '^[^#]' /etc/named.conf 
options {
    listen-on port 53 { any; };
。。。
    allow-query     { any; };
。。。

 

# grep '^[^#]' /etc/named.rfc1912.zones
// Forward zone: this server is the master (authoritative source) for test.com
// and loads its records from test.com.zone. The path is relative to the
// "directory" option, which this excerpt does not show (presumably /var/named,
// the directory the later chown step touches).
// NOTE(review): neither zone sets allow-transfer. On BIND releases whose
// default permits zone transfers to any host (confirm for the version in use),
// every client that can reach port 53 can copy the full host list. Restrict it
// per zone or in options, e.g. allow-transfer { none; }; or list only the
// secondary servers.
zone "test.com" IN {
      type master;
      file "test.com.zone";  
};
// Reverse zone for 192.168.50.0/24; answers PTR queries for 192.168.50.x.
zone "50.168.192.in-addr.arpa" IN {
      type master;
      file "50.168.192.in-addr.arpa.zone";
};

 

 

# cat 50.168.192.in-addr.arpa.zone 
; Reverse-lookup zone for 192.168.50.0/24 (50.168.192.in-addr.arpa).
; Default TTL for records without an explicit TTL: 600 seconds.
$TTL 600
; NOTE(review): this file has no $ORIGIN line, so the relative names "ns" and
; "root" in the SOA are completed with the zone name and become
; ns.50.168.192.in-addr.arpa. and root.50.168.192.in-addr.arpa.
; Fully qualified names (ns.test.com. root.test.com.) are probably what was
; intended -- confirm and adjust.
@       IN SOA  ns root (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

    IN       NS         ns.test.com.
; PTR owner names are the last octet of the address: 63 -> 192.168.50.63, etc.
; The targets are fully qualified (trailing dot), so they are used as written.
63    IN       PTR        elasticsearch.test.com.
64    IN       PTR        logstash.test.com.
65    IN       PTR        kibana.test.com.
; NOTE(review): the three CNAME lines below look copied from the forward zone.
; In this zone they define worker01.50.168.192.in-addr.arpa. and so on, with
; targets that have no records here; they play no part in reverse lookups and
; can most likely be removed.
worker01    IN    CNAME    elasticsearch
worker02    IN    CNAME    logstash
manager        IN    CNAME    kibana

 

# cat test.com.zone               
; Forward zone for test.com: one A record per host plus role aliases (CNAME).
; Default TTL for records without an explicit TTL: 600 seconds.
$TTL 600
; Every relative name below (no trailing dot) is completed with this origin.
$ORIGIN test.com.
; SOA: with the origin above, "ns" and "root" expand to ns.test.com. and
; root.test.com.
@    IN     SOA    ns  root (
                    0    ; serial
                    1D    ; refresh
                    1H    ; retry
                    1W    ; expire
                    3H )    ; minimum
; The NS line has no owner name, so it applies to the previous owner (@, the
; zone itself).
    NS     ns.test.com.
; Address of the name server itself, then the three service hosts.
ns        IN    A    192.168.50.42
elasticsearch    IN    A    192.168.50.63  
logstash    IN    A    192.168.50.64
kibana        IN    A    192.168.50.65
; Aliases: each CNAME target is relative, so it resolves within test.com
; (e.g. worker02 -> logstash.test.com.).
worker01    IN    CNAME    elasticsearch
worker02    IN    CNAME    logstash
manager         IN    CNAME   kibana

 

生成key

# rndc-confgen -r /dev/urandom -a
wrote key file "/etc/rndc.key"

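# chown named.named /var/named/* ##关乎成败的一步

说明:这一步之所以关键,是因为 named 进程必须能读取区域文件,否则区域无法加载。对主区域文件来说只需要可读,不需要可写;更稳妥的做法是设为 root:named、权限 640,这样即使 named 进程被攻破也无法改写区域文件。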

 

启动bind

# tailf /var/log/messages   ##观察日志,注意报错信息

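启动 # systemctl restart named.service

注意:前面虽然安装了 bind-chroot,但这里启动的是 named.service,named 并不运行在 chroot 环境中;如需 chroot,应改为启动 named-chroot.service(CentOS 7 的 bind-chroot 包提供,请按实际系统确认)。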

 

测试

正向解析:

# dig  @192.168.50.42  worker02.test.com  

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> @192.168.50.42 worker02.test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27977
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;worker02.test.com.        IN    A

;; ANSWER SECTION:
worker02.test.com.    600    IN    CNAME    logstash.test.com.
logstash.test.com.    600    IN    A    192.168.50.64

;; AUTHORITY SECTION:
test.com.        600    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        600    IN    A    192.168.50.42

;; Query time: 0 msec
;; SERVER: 192.168.50.42#53(192.168.50.42)
;; WHEN: Wed Nov 13 15:43:15 CST 2019
;; MSG SIZE  rcvd: 118

 

反向解析:

# dig -x 192.168.50.65 @192.168.50.42                     

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> -x 192.168.50.65 @192.168.50.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46537
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.50.168.192.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
65.50.168.192.in-addr.arpa. 600    IN    PTR    kibana.test.com.

;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 600    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        600    IN    A    192.168.50.42

;; Query time: 0 msec
;; SERVER: 192.168.50.42#53(192.168.50.42)
;; WHEN: Wed Nov 13 15:37:29 CST 2019
;; MSG SIZE  rcvd: 117

 

PS: 博客园自定义皮肤功能很不错,就是博客编译器太烂了。。。
